问题描述
我正在尝试使用Maven生成强化报告,我已经下载了Fortify360插件,并安装了Fortify-plugin-1.0,将其安装在我的存储库中,然后在我的配置文件中添加了依赖项,但是我无法生成我的Java源代码的强化报告(.fpr)文件.能否帮助我,我该怎么做??
I am trying to generate a fortify report using maven, I have downloaded the plug-in Fortify360, and fortify-plugin-1.0, installed it in my repository and then added the dependencies in my profile, But i am not able to generate a fortify report(.fpr)file of my java source code.Can you please help me with how can i do it??
推荐答案
Fortify提供了maven插件的源代码.您需要构建它
Fortify provides source code for maven plugin. You need to build it
第1步构建强化插件
打开命令提示符
cd %FORTIFY_INSTALLATION_DIRECTORY%\HP_FORTIFY\HP_Fortify_SCA_and_Apps_3.90\Samples\advanced\maven-plugin
mvn clean install
构建成功后,强化插件将出现在您的本地存储库中
After sucessful build fortify plugin will be present into your local repository
步骤2将强化源代码分析器依赖项添加到项目pom文件中
Step # 2 Add fortify source code analyzer dependency to your project pom file
<build>
<plugins>
<plugin>
<groupId>com.fortify.ps.maven.plugin</groupId>
<artifactId>sca-maven-plugin</artifactId>
<version>3.90</version>
</plugin>
</plugins>
</build>
注意-确保您确认强化扫描插件的版本
Note - Make sure you verify fortify scan plugin version
FORTIFY_INSTALLATION_DIRECTORY%\HP_FORTIFY\HP_Fortify_SCA_and_Apps_3.90\Samples\advanced\maven-plugin\pom.xml
步骤3创建.frp/报告文件
Step # 3 Create .frp / report file
mvn sca:translate
mvn sca:scan
这将在目标目录中生成强化扫描报告文件
This will generate fortify scan report file in the target directory
这篇关于在Maven中生成Fortify报告的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!